Xerox says subsidiary XBS U.S. breached after ransomware gang leaks data
The U.S. division of Xerox Business Solutions (XBS) has been compromised by hackers with a limited amount of personal information possibly exposed, according to a…
Category: Bleeping Computer
Google Groups is ending support for Usenet to combat spam
Google has officially announced it’s ceasing support for Usenet groups on its Google Groups platform, a move partly attributed to the platform’s increasing struggle with…
Victoria court recordings exposed in reported ransomware attack
Australia’s Court Services Victoria (CSV) is warning that video recordings of court hearings were exposed after suffering a reported Qilin ransomware attack. CSV is an…
The biggest cybersecurity and cyberattack stories of 2023
2023 was a big year for cybersecurity, with significant cyberattacks, data breaches, new threat groups emerging, and, of course, zero-day vulnerabilities. Some stories, though, were…
The law enforcement operations targeting cybercrime in 2023
In 2023, we saw numerous law enforcement operations targeting cybercrime operations, including cryptocurrency scams, phishing attacks, credential theft, malware development, and ransomware attacks. While some…
Android game dev’s Google Drive misconfig highlights cloud security risks
Japanese game developer Ateam has proven that a simple Google Drive configuration mistake can result in the potential but unlikely exposure of sensitive information for…
New Black Basta decryptor exploits ransomware flaw to recover files
Researchers have created a decryptor that exploits a flaw in Black Basta ransomware, allowing victims to recover their files for free. The decryptor allows Black…
Hospitals ask courts to force cloud storage firm to return stolen data
Two not-for-profit hospitals in New York are seeking a court order to retrieve data stolen in an August ransomware attack and now stored on the…
The Week in Ransomware – December 29th 2023
It’s been a quiet week, with even threat actors appearing to take some time off for the holidays. We did not see much research released…
Malware abuses Google OAuth endpoint to ‘revive’ cookies, hijack accounts
Multiple information-stealing malware families are abusing an undocumented Google OAuth endpoint named “MultiLogin” to restore expired authentication cookies and log into users’ accounts, even if…
Steam game mod breached to push password-stealing malware
Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push Epsilon information stealer malware using…
Eagers Automotive halts trading in response to cyberattack
Eagers Automotive has announced it suffered a cyberattack and was forced to halt trading on the stock exchange as it evaluates the impact of the…